[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: how to check uniqueness of uidNumber ?

Hallvard B Furuseth wrote:
> WONG_Jeffrey@seac.pf writes:
> > So how can I check uniqueness of uidNumber ?
> LDAP doesn't support such constraints in the way some databases do.

But quite some LDAP servers do (like iplanet).

It greatly eases maintaining a 'proper' directory.
The alternative is to restrict LDAP write access to certain interfaces
(i.e. proxies) only and implement the uniqueness checks therein.
This is what we currently do, but it severely limits flexibility
and requires maintaining the proxies.
IMHO such a uniqueness check feature would be more useful than most of the
additional schema checking stuff introduced in 2.1.

Would it be hard to implement this?
I vaguely recall someone of the IBM guys that are regularly contributing to
OpenLDAP intended to work on this, but this may be an outdated information.

> Either search a new entry's uidNumber before adding it to check that it
> does not already exist, or use uidNumber as RDN (in which case you'll
> have to search for uid to verify that that is unique, instead.)

Designing all of the tree for this "application" is often not possible,
especially with meta-type directories that contain all sorts of different
subtrees, each of which contains DNs that are dictated by a particular


  Markus Storm, Telefonica Deutschland GmbH
  storm @ mediaways.net